Everyone needs a firewall. If you run a web site, have a dial-up connection or control a corporate backbone, you have to install a firewall. It lets you control what internal information from your network or computer is allowed to go out, and what information is allowed to come in. Even a simple firewall installation can help you preserve your data and report all attempts at unauthorized access.
A firewall is a device or system that separates two networks and provides access control between them. Firewalls operate according to access control policies or “rules”. It is important to understand what kind of access we want to allow or deny into our network, or a firewall will not really help. The security specialists who manage the connectivity and administration of firewalls usually carry a heavy responsibility.
In this article series we will review the concept of firewalls, gateways and routers. Specifically, we will explore the installation, migration and administration secrets of Microsoft Internet Security and Acceleration Server (ISA) to provide an easy and hands-on approach for firewall implementers and security managers.
Types of Firewalls
Firewalls vary in their security protection and defense approach. Generally, they run in dedicated hosts or hardware devices that are directly connected to different network segments. A connection to the firewall is established each time a client wants to send data to a server on the separated network.
The main technical distinction between firewalls is the mechanism that they use to pass traffic from one segment to another. Lower-level firewalls perform operations on the first layers of the OSI (Open Systems Interconnect) model, which usually makes them faster, while higher-level firewalls usually analyze more information about the connection, such as a client connection to a specific site.
There are two types of firewalls. Network-layer firewalls are commonly the traditional and simple routers. They make their decisions based on the source and destination addresses and ports in individual connections. These firewalls are not able to make decisions about what the connection contains and where it came from. Modern network-layer firewalls now maintain internal information about the state of the connection and where it is coming from.
Application-level firewalls do not permit direct traffic between networks. They perform logging and auditing functions on each connection that passes through them. Proxy Servers are commonly used to perform logging and access control for applications between different networks. Application layer firewalls are also commonly used as network address translators. Applications use Application-level firewalls to mask the origin of their connection and transparently communicate with the separate network segment.
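The difference between a plain address-and-port filter and a modern network-layer firewall that tracks connection state, described above, can be seen in a short model. This is an added example, not code from ISA Server or from the original article; the rule set, addresses and the `Packet`, `Rule`, `stateless_filter` and `StatefulFilter` names are constructed for illustration, and protocol, TCP flags and state timeouts are left out.

```python
import ipaddress
from collections import namedtuple

# Constructed types and rules for illustration; not taken from any product.
Packet = namedtuple("Packet", "src sport dst dport")
Rule = namedtuple("Rule", "action src_net dst_net dport")  # dport None = any

INTERNAL = "10.0.0.0/8"
RULES = [
    Rule("allow", INTERNAL, "0.0.0.0/0", 80),        # internal clients -> web
    Rule("allow", "0.0.0.0/0", "10.0.0.25/32", 25),  # anyone -> internal mail host
]

def match(rule, pkt):
    """True when the packet's addresses and destination port fit the rule."""
    return (ipaddress.ip_address(pkt.src) in ipaddress.ip_network(rule.src_net)
            and ipaddress.ip_address(pkt.dst) in ipaddress.ip_network(rule.dst_net)
            and rule.dport in (None, pkt.dport))

def stateless_filter(pkt, rules=RULES):
    """First matching rule wins; anything unmatched is denied."""
    for rule in rules:
        if match(rule, pkt):
            return rule.action
    return "deny"

class StatefulFilter:
    """Adds a connection table so replies to allowed flows are accepted."""
    def __init__(self, rules=RULES):
        self.rules = rules
        self.connections = set()

    def check(self, pkt):
        # A reply is the mirror image of a flow that was already allowed.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections:
            return "allow"
        action = stateless_filter(pkt, self.rules)
        if action == "allow":
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return action

# Constructed sample traffic: a client request, its reply, and a stray packet.
OUTBOUND = Packet("10.0.0.5", 40000, "203.0.113.10", 80)
REPLY = Packet("203.0.113.10", 80, "10.0.0.5", 40000)
UNSOLICITED = Packet("203.0.113.10", 80, "10.0.0.5", 40001)
```

The stateless filter denies the reply unless an administrator opens a broad inbound range, while the stateful filter admits only the reply that mirrors a flow it already allowed.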
Internet Security and Acceleration (ISA) Server: A Corporate Firewall
Whether installed as a dedicated security component, or as an integrated firewall and caching server, ISA Server provides a multi-layered enterprise firewall that helps protect networks from hacker attacks. ISA Server provides several security technologies including: unified server management, packet filtering, intrusion detection and secure publishing. All these features, built on top of Windows 2000, simplify network security management tasks and provide a complete and reliable firewall server.
[Figure: Microsoft ISA Server Welcome Screen]
In order to install and configure ISA Server you need a server with a 300 megahertz (MHz) or higher Pentium II-compatible CPU. For hard disk and memory requirements, you need 256 MB of RAM and 20 MB of hard disk space. One local hard disk partition with the NTFS file system is also required. For the operating system, you must install Windows 2000 Server with Service Pack 1 or later, Windows 2000 Advanced or Datacenter Server. A network adapter is recommended for each network you are going to connect to (for example, one for the Internet, one for your partner network and one for your internal corporate LAN).
To Check System Information with Device Manager:
- Click Start, and then point to Settings.
- Click Control Panel, and then double-click System.
- Click the Hardware tab, and then click Device Manager.
What a Firewall Can’t Protect
ISA Server, or any firewall, cannot protect against attacks that don’t go through the firewall. Many companies that connect to the Internet are very concerned about proprietary data leaking out through that route. Unfortunately, they don’t realize that tape backups, disks and CD-ROMs can just as effectively leak company information. Not to mention that they usually lack a policy about how dial-in and VPN connections should be protected.
To Backup and Update the Emergency Repair Disk (ERD) Before Installing ISA:
- Click Start, and then click Run. The Run… dialog box appears.
- In the Run… dialog box, type ntbackup.
- Select the Tools menu.
- Select Create an Emergency Repair Disk.
A firewall cannot protect you against stupidity. Users who reveal sensitive information over the telephone, or write their passwords on post-it notes, are targets for skilled and old-school hackers. An attacker may be able to break into your network by completely bypassing your firewall and all your security access control methods, if he can find the helpful employee inside who can provide him with access to the network.
Finally, a firewall must be a part of a consistent organizational security architecture, and that architecture has to be aligned to the organization’s business goals. Firewall policies must be realistic and reflect the level of security required by the organization. Protecting a top secret network with confidential data for a government institution is not the same as protecting a web server for a commercial organization that holds a static site for Internet presence purposes.
About This Section…
Whether you want to learn what network security is, how firewalls work, or how to script a program in C to manage Active Directory security, this section is designed to provide useful and easy to understand articles for all levels of Information Technology professionals. Rather than provide theoretical views and terms of security principles and systems, we will give you straightforward, real-life information to apply at work. Some of the topics that we will put in plain words in our section will be: How to Build a Firewall with Internet Security and Acceleration (ISA) Server, Analyzing and Monitoring Network Attacks with Windows 2000 and Using and Creating Advanced Windows 2000 Security Tools and Utilities with Simple Programs. As a final point, we will focus on providing the depth necessary to pass any Microsoft-related security exam.
This article originally appeared at 2000Trainers.com.
Leonard Loro, MCSE, MCSD, ISS, MCT, CCNA, is a recognized e-Business specialist. His experience includes engaging, managing and implementing large consulting projects for government agencies and companies like Microsoft, Nissan as well as other Fortune 500’s. Leonard can be reached at Leonardo.loro@enresource.com.